A digital signature and encryption scheme for secure exchange of e-mail and attached documents. You can use Pretty Good Privacy (PGP) to encrypt e-mail messages so that no one but the intended recipient can read them and to digitally sign messages so that the recipient can be sure of the identity of the sender and that the message has not been tampered with during transit.

PGP uses the RSA or Diffie-Hellman public key cryptography algorithm and supports 128-bit keys. When you send a digital signature, a hashing algorithm generates a hash from the username and other information, and that hash is then encrypted with the sender’s private key to form the signature. The hashing algorithm is MD5 when you use RSA and SHA-1 when you use Diffie-Hellman. As in any public key cryptography system, the recipient uses the sender’s public key to decrypt the signature and so verify the sender’s identity. The recipient retrieves the sender’s public key from a public PGP key management server such as the one maintained by Network Associates.
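The sign-and-verify flow described above, as an added example that is not part of this entry and is not PGP's own code: it uses Go's standard-library RSA with PKCS #1 v1.5 signatures and SHA-256 (the entry names MD5 and SHA-1, which are no longer recommended for new signatures). The helper names signMessage, verifyMessage and demo, and the sample message, are constructed for this example. Verifying a copy altered in transit shows the property the entry describes: the recipient detects the tampering because the recomputed hash no longer matches the signed one.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// signMessage hashes the message and signs the digest with the sender's
// private key (the "encrypt the hash with the private key" step in the entry).
func signMessage(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// verifyMessage recomputes the digest on the recipient's side and checks the
// signature against the sender's public key. It returns true only when the
// signature was produced over exactly this message by the matching private key.
func verifyMessage(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// demo walks through one exchange: the sender signs a constructed message,
// the recipient verifies it, and then verifies a copy altered in transit.
// It returns both verification results so a caller can check them.
func demo() (okOriginal, okTampered bool, err error) {
	// Sender's key pair; in PGP the public half would be published to a key server.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return false, false, err
	}
	pub := &priv.PublicKey

	// Constructed sample message (not real mail).
	original := []byte("Transfer 100 EUR to account 12345")
	sig, err := signMessage(priv, original)
	if err != nil {
		return false, false, err
	}
	okOriginal = verifyMessage(pub, original, sig)

	// A single changed byte models tampering in transit; the digest no longer
	// matches the one that was signed, so verification fails.
	tampered := append([]byte(nil), original...)
	tampered[9] = '9' // "100" becomes "900"
	okTampered = verifyMessage(pub, tampered, sig)
	return okOriginal, okTampered, nil
}

func main() {
	okOriginal, okTampered, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("original verifies: %v\n", okOriginal) // true
	fmt.Printf("tampered verifies: %v\n", okTampered) // false
}
```

The signature covers only the hash of the message, not the message itself, which is why signing is fast regardless of attachment size and why any change to the content, however small, invalidates the signature. Note that verification proves the signer held the private key matching this public key; whether that key really belongs to the claimed sender is the key-management question the next paragraph raises.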

PGP is popular in the Internet community but does not scale well for corporate enterprise applications because its key management facilities are implemented as a distributed “web of trust” rather than the usual hierarchical certificate authority (CA) scheme.